CVE-2020-17365
First published: Thu Sep 24 2020(Updated: )
Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pango Hotspot Shield | <=10.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/author
- agent/event
- agent/type
- agent/severity
- agent/references
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/pango
- canonical/pango hotspot shield
- version/pango hotspot shield/10.3.0